Cyber Security Glossary

Acceptable Use Policy is a policy that defines the level of access and degree of use of the organization’s network or internet by the members of an organization.

Access Control List or ACL filter network traffic by controlling whether it's allowed or blocked.

An Access Path is a logical order that directs to the location on the computer where an object such as webpage, file etc., is stored.

An access point is a computer networking device which allows a Wi-Fi compliant device to connect to a wired network and usually connects via a router

An access profile is information about a user that is stored on a computer, including their password and name as well as what they are allowed access to.

Access rights are the privileges or permissions awarded to a user or a program to access or alter, edit, delete the files stored on a network. 

Access type is applied to an entity class, mapped superclass or embeddable class and is used to specify attributes

Accountability is the ability to trace an action performed on the system to a user, a process or an application. 

Accounting legend code is numeric code used to indicate the minimum accounting controls required for items accountable communications security (COMSEC) material within the control systems

Access Control List or ACL filter network traffic by controlling whether it's allowed or blocked.

Active security testing is security testing which involves directly interacting with a target, such as sending packets

An ad hoc network is a local area network (LAN) that spontaneously builds as devices connect. An ad hoc network does not rely on a base station to coordinate different points, rather the individual base nodes forward packets to and from each other.

Address Resolution Protocol (ARP) is used for discovering a physical machine (MAC) address and associating it to the Internet Protocol (IP) address.

Administrative safeguards are a special set of the HIPPA security rules. Administrative safeguards focus on internal organization, policies and procedures and the maintenance of security managers which are in place to protect sensitive patient information.

The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

Advanced penetration testing is the process of testing a network to discover vulnerabilities which make it open to harmful intruders; then addressing and remedying the issues.

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.

An Adversary is a process, user or device that possesses a threat to the network. 

Adware is type software that automatically displays or downloads unwanted advertising material.

The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

Air Gap is a network security measure to ensure that a secure computer network is physically isolated from unsecured networks.

An alert situation is when the interruption in an enterprise is not resolved even after the competition of the threshold stage, an alert situation requires the enterprise to start escalation procedure.

Alternate facilities are secondary facilities includes Offices, data processing centers etc., from where high- priority emergency tasks can be performed, delivered when primary facilities are interrupted, unavailable

An alternate process is a back-up process devised to help continue business critical process without any interruption, from the time the primary enterprise system breaks down to the time of its restoration

Analog is a transmission signal denoted by ‘Sine Way,’ that varies in signal strength (Amplitude) or Frequency (time). While the higher and lower points of the wave denotes the value of signal strength, on the other hand the physical length of the wave indicates the value of time.

Anonymizing proxies allow the user to hide their web browsing activity. They are often used to bypass web security filters—e.g., to access blocked sites from a work computer.

Anti-spam programs can detect unwanted email and prevent it from reaching user inboxes.

Anti-spyware is a type of software that is designed to detect and remove unwanted spyware programs.

Antivirus software is a program or a set of programs that help prevent any malicious object, code, program from entering your computer or network. If any such malicious programs enters your computer, Antivirus software helps detect, quarantine, or remove such programs from the computer or networks

Antivirus is software that is designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more.

An app attack occurs when a user unknowingly installs a harmful app on their tablet or smartphone and the app in turn steals their personal data.

Appliances are a combination of hardware and software security elements in one solution. This lets you plug appliances in rather than installing the software separately

Application control allows you to control the use of applications that may be inappropriate for use on business computers or networks

An Application Layer is one of the seven layers in the Open-System Interconnection (OSI) Model of the TCP/IP protocol Suite. Application Layer defines the way process-to-process communication happens in a network; it only offers a strong communication interface and end user services.

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.

Architecture is a structure that defines or describes the very fundamentals of a system or an organization, its components, the relationship between each of these components, their relationship to the overall system, and finally, their effectiveness in guiding the system towards its goals.

Address Resolution Protocol (ARP) is used for discovering a physical machine (MAC) address and associating it to the Internet Protocol (IP) address.

An Asymmetric Key (public key) is a security measure that uses two keys to ensure the confidentiality of a message. One key encrypts the message, while the other key decrypts it.

An attack is an action with malicious intention to interrupt the operations of a network or steal the data, etc

An Attack Mechanism is a system or strategy by which a target is hit; the attacker may use different attack mechanisms such as a container or payload to hit the intended target.

An Attack Vector is a means and ways by which attacker gains entry into the target system. Attackers mainly use the human element or the weak links to gain such access.

Attenuation is the weakening of signal strength, analog or digital, especially when transmitted over long distances.

An audit trail is a detailed history of transactions to help you trace a piece of information back to its origin. In the field of computers, Audit trail or paper log, helps maintain security, recover any lost data

Authentication is the process of identifying a piece of information, the veracity of information provided. In computers, it is the process of identifying a person or system with the username; password, etc. Authentication helps individuals; systems gain authorization based on their identity.

Authenticity is the proof or validity that a claimed identity (whether human or a resource) is real and legitimate.

Autorun worms are malicious programs that take advantage of the Windows AutoRun feature. They execute automatically when the device on which they are stored is plugged into a computer.

Availability is the time duration a system or resource is ready for use.

A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system.

A backdoor Trojan allows someone to take control of a user’s computer without their permission.

A backup refers to the archiving data so it may be used to restore the original after a data loss event.

Bandwidth is the capacity of a communication channel to pass data through in a given amount of time.

A banner is a display on an information system that sets the parameters for system or data use.

Banner grabbing is the process of grabbing banner information such as the application type and version. This information is then transmitted by a remote port when a connection is initiated.

A security baseline defines a set of basic security objectives which must be met by any given service or system.